Aleksanteri Kivimäki, the Finnish cybercriminal convicted of more than 20,000 counts of attempted extortion after hacking a psychotherapy center, was released from custody on Thursday as he appeals his case.
After two days of testimony this week, the Helsinki Court of Appeal decided to release Kivimäki as his trial continues into November, partially due to his long pretrial detention, as reported by the Helsinki Times.
Kivimäki, who denied all the charges, has been in custody since 2023, when he was arrested in France and extradited to Finland. The release does not overturn his previous conviction and sentence for six years and three months, but under Finnish law he is presumed innocent while appealing the conviction.
His release is the latest chapter in one of Europe’s most significant criminal data privacy cases, with the hacker — who previously had been convicted as a teenager for his involvement with the “griefing” collective Lizard Squad — found guilty of attempting industrial-scale extortion against the clients of the Vastaamo therapists.
Lawyers representing his victims told journalists this week that their clients are still suffering as a result of the hack. As a whole the case “has deeply shaken Finnish society,” according to a feature-length report about the incident in the Christian Science Monitor, where the hack was described as “a watershed event for Finland.”
The hack of Vastaamo took place in 2018, but was made public in 2020 when Kivimäki allegedly began to extort individual patients by threatening to publish their stolen information and therapy details online unless they paid him.
More than 24,000 people reported receiving such an extortion attempt to the Finnish police — a record number of victims in a criminal trial. According to reports, many of the victims were children or receiving treatment for severe trauma.
The stolen documents were subsequently uploaded to the dark web. However, as reported by independent journalist Brian Krebs, the uploaded files also contained a copy of the perpetrator’s home folder, which “exposed a number of clues” pointing to Kivimäki.
Kivimaki has claimed the investigation against him was poorly conducted and his conviction based on circumstantial evidence. He has denied using virtual servers linked to the hack and disputed the relevance of cryptocurrency transactions allegedly linking him to the extortion.
Prosecutors “referred to forensic connections between server logs, bitcoin transactions, and materials linking the server contents to Kivimäki, including personal photographs and email usage,” reported the Helsinki Times.
The trial is ongoing. The Helsinki Court of Appeal is expected to issue a ruling later this year.
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Alexander Martin
is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.
